From f4b3429782c66d439d20616229bffe3d226a73f4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 30 Jan 2021 13:05:32 +0100 Subject: [PATCH] Fix mutex leak in CTR_DRBG mbedtls_ctr_drbg_free() left a mutex in the initialized state. This caused a resource leak on platforms where mbedtls_mutex_init() allocates resources. To fix this, mbedtls_ctr_drbg_free() no longer reinitializes the mutex. To preserve the property that mbedtls_ctr_drbg_free() leaves the object in an initialized state, which is generally true throughout the library except regarding mutex objects on some platforms, no longer initialize the mutex in mbedtls_ctr_drbg_init(). Since the mutex is only used after seeding, and seeding is only permitted once, call mbedtls_mutex_init() as part of the seeding process. Signed-off-by: Gilles Peskine --- library/ctr_drbg.c | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 3815dc7ca..48efada97 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -56,10 +56,6 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ) ctx->reseed_counter = -1; ctx->reseed_interval = MBEDTLS_CTR_DRBG_RESEED_INTERVAL; - -#if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &ctx->mutex ); -#endif } /* @@ -72,15 +68,13 @@ void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx ) return; #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_free( &ctx->mutex ); + if( ctx->f_entropy != NULL ) + mbedtls_mutex_free( &ctx->mutex ); #endif mbedtls_aes_free( &ctx->aes_ctx ); mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ctr_drbg_context ) ); ctx->reseed_interval = MBEDTLS_CTR_DRBG_RESEED_INTERVAL; ctx->reseed_counter = -1; -#if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &ctx->mutex ); -#endif } void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, @@ -464,6 +458,10 @@ int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, memset( key, 0, MBEDTLS_CTR_DRBG_KEYSIZE ); +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_init( &ctx->mutex ); +#endif + mbedtls_aes_init( &ctx->aes_ctx ); ctx->f_entropy = f_entropy;